fix: #172 IAM user account number is retrieved using GetCallerIdentity()

Noovolari · Sep 23, 2021 · 163efcc · 163efcc
1 parent b9b5817
commit 163efcc
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 4 deletions.
diff --git a/src/app/components/session/session-card/session-card.component.ts b/src/app/components/session/session-card/session-card.component.ts
@@ -16,6 +16,7 @@ import {SessionFactoryService} from '../../../services/session-factory.service';
 import {SessionStatus} from '../../../models/session-status';
 import {SessionService} from '../../../services/session.service';
 import {Constants} from "../../../models/constants";
+import {AwsIamUserService} from "../../../services/session/aws/methods/aws-iam-user.service";
 
 @Component({
   selector: 'app-session-card',
@@ -147,7 +148,7 @@ export class SessionCardComponent implements OnInit {
   /**
    * Copy credentials in the clipboard
    */
-  copyCredentials(session: Session, type: number, event) {
+  async copyCredentials(session: Session, type: number, event) {
     event.stopPropagation();
     try {
       const workspace = this.workspaceService.get();
@@ -157,7 +158,13 @@ export class SessionCardComponent implements OnInit {
           2: (session as AwsIamRoleFederatedSession).roleArn ? `${(session as AwsIamRoleFederatedSession).roleArn}` : ''
         };
 
-        const text = texts[type];
+        let text = texts[type];
+
+        // Special conditions for IAM Users
+        if (session.type === SessionType.awsIamUser) {
+          // Get Account from Caller Identity
+          text = await (this.sessionService as AwsIamUserService).getAccountNumberFromCallerIdentity(session);
+        }
 
         this.appService.copyToClipboard(text);
         this.appService.toast('Your information have been successfully copied!', ToastLevel.success, 'Information copied!');

diff --git a/src/app/services/native-service.ts b/src/app/services/native-service.ts
@@ -72,8 +72,6 @@ export class NativeService {
       this.ipcRenderer = (window as any).native.ipcRenderer;
       this.nativeTheme = (window as any).native.nativeTheme;
       this.notification = (window as any).native.notification;
-
-      console.log(this.nativeTheme);
     }
   }
 }
diff --git a/src/app/services/session/aws/methods/aws-iam-user.service.ts b/src/app/services/session/aws/methods/aws-iam-user.service.ts
@@ -127,6 +127,20 @@ export class AwsIamUserService extends AwsSessionService {
       }
   }
 
+  async getAccountNumberFromCallerIdentity(session: Session): Promise<string> {
+    // Get credentials
+    const credentials: CredentialsInfo = await this.generateCredentials(session.sessionId);
+    AWS.config.update({ accessKeyId: credentials.sessionToken.aws_access_key_id, secretAccessKey: credentials.sessionToken.aws_secret_access_key, sessionToken: credentials.sessionToken.aws_session_token });
+    // Configure sts client options
+    try {
+      const sts = new AWS.STS(this.appService.stsOptions(session));
+      const response = await sts.getCallerIdentity({}).promise();
+      return response.Account;
+    } catch (err) {
+      throw new LeappAwsStsError(this, err.message);
+    }
+  }
+
   // eslint-disable-next-line @typescript-eslint/naming-convention
   private generateSessionTokenCallingMfaModal( session: Session, sts: AWS.STS, params: { DurationSeconds: number }): Promise<CredentialsInfo> {
     return new Promise((resolve, reject) => {